Nonmonotonicity, User Interfaces, and Risk Assessment in Certificate Revocation

Position Paper
  • Ninghui Li
  • Joan Feigenbaum
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2339)

Abstract

We consider certificate revocation from three high-level perspectives: temporal nonmonotonicity, user interfaces, and risk management. We argue that flawed understanding of these three aspects of revocation schemes has caused these schemes to be unnecessarily costly, complex, and confusing. We also comment briefly on some previous works, including those of Rivest [16], Fox and LaMacchia [5], and McDaniel and Rubin [11].

Keywords

Certificates Revocation PKI CRL 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Carlisle Adams and Robert Zuccherato, “A General, Flexible Approach to Certificate Revocation,” June 1998. http://www.entrust.com/resourcecenter/pdf/certrev.pdf.
  2. 2.
    Carlisle Adams and Stephen Farrell, “Internet X.509 Public Key Infrastructure Certificate Management Protocols,” IETF RFC 2510, March 1999. http://www.ietf.org/rfc/rfc2510.txt.
  3. 3.
    David A. Cooper, “A Closer Look at Revocation and Key Compromise in Public Key Infrastructures,” in Proceedings of the 21st National Information Systems Security Conference, pp. 555–565, October 1998. http://csrc.nist.gov/nissc/1998/proceedings/paperG2.pdf.
  4. 4.
    David A. Cooper, “A More Efficient Use of Delta-CRLs,” in Proceedings of the 2000 IEEE Symposium on Security and Privacy, pp. 190–202, May 2000. http://csrc.nist.gov/pki/documents/sliding_window.pdf.
  5. 5.
    Barbara Fox and Brian LaMacchia, “Certificate Revocation: Mechanics and Meaning,” in FC’98 [7], pp. 158–164, 1998. http://www.farcaster.com/paperc/fc98/fc98.ps.Google Scholar
  6. 6.
    Carl A. Gunter and Trevor Jim, “Generalized Certificate Revocation,” in Proceedings of the 27th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL 2000), pp. 316–329, January 2000. http://www.cis.upenn.edu/~qcm/papers/popl00.pdf.
  7. 7.
    Rafael Hirschfeld (editor), Financial Cryptography: Second International Conference (FC’98), Lecture Notes in Computer Science, vol. 1465, Springer, February 1998.MATHGoogle Scholar
  8. 8.
    Russell Housley, Warwick Ford, Tim Polk, and David Solo, “Internet X.509 Public Key Infrastructure Certificate and CRL Profile,” IETF RFC 2459, Janurary 1999. http://www.ietf.org/rfc/rfc2459.txt.
  9. 9.
    Paul Kocher, “On Certificate Revocation and Validation,” inFC’98 [7], pp. 172–177, 1998.Google Scholar
  10. 10.
    Patrick McDaniel and Sugih Jamin, “Windowed Certificate Revocation,” in Proceedings of IEEE Infocom 2000, pp. 1406–1414, March 2000. http://www.eecs.umich.edu/~pdmcdan/docs/info2000.pdf.
  11. 11.
    Patrick McDaniel and Aviel Rubin, “A Response to ‘Can We Eliminate Certificate Revocation Lists?’,” in Proceedings of Financial Cryptography 2000, February 2000. http://www.eecs.umich.edu/~pdmcdan/docs/finc00.pdf.
  12. 12.
    Silvio Micali, “Efficient Certificate Revocation,” Technical Report TM-542b, MIT Laboratory for Computer Science, March, 1996. ftp://ftp.lcs.mit.edu/pub/lcs-pubs/tm.outbox/MIT-LCS-TM-542b.ps.gz.
  13. 13.
    Michael Myers, “Revocation: Options and Challenges,” inFC’98 [7], pp. 165–171, 1998.Google Scholar
  14. 14.
    Michael Myers, Rich Ankney, Ambarish Malpani, Slava Galperin, and Carlisle Adams, “X.509 Internet Public Key Infrastructure Online Certificate Status Protocol-OCSP,” IETF RFC 2560, June 1999. http://www.ietf.org/rfc/rfc2560.txt.
  15. 15.
    Moni Naor and Kobbi Nissim, “Certificate Revocation and Certificate Update,” in Proceedings of the 7th USENIX Security Symposium, pp. 217–228, January 1998. http://www.wisdom.weizmann.ac.il/~kobbi/papers/revoke_usenix.ps.
  16. 16.
    Ronald L. Rivest, “Can We Eliminate Certificate Revocation Lists?” inFC’98 [7], pp. 178–183, 1998. http://theory.lcs.mit.edu/~rivest/revocation.ps.Google Scholar
  17. 17.
    Stuart G. Stubblebine, “Recent-Secure Authentication: Enforcing Revocation in Distributed Systems,” in Proceedings of the 1995 IEEE Symposium on Research in Security and Privacy, pp. 224–234, May 1995. http://www.stubblebine.com/95oak.pdf.
  18. 18.
    Stuart G. Stubblebine and Rebbeca N. Wright, “An Authentication Logic Supporting Synchronization, Revocation, and Recency,” in Proceedings of the Third ACM Conference on Computer and Communications Security, pp. 95–105, March 1996. http://www.stubblebine.com/96ccs.pdf.
  19. 19.
    Rebecca N. Wright, Patrick D. Lincoln, and Jonathan K. Millen, “Efficient Fault-Tolerant Certificate Revocation,” in Proceedings of the 7th ACM Conference on Computer and Communications Security (CCS 2000), November 2000. http://www.research.att.com/~rwright/ccs00.ps.
  20. 20.
    Committee on Information Systems Trustworthiness, National Research Council, Trust in Cyberspace, National Academy Press, 1999. http://www.nap.edu/html/trust/.

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Ninghui Li
    • 1
  • Joan Feigenbaum
    • 2
  1. 1.Department of Computer ScienceStanford UniversityStanfordUSA
  2. 2.Department of Computer ScienceYale UniversityNew HavenUSA

Personalised recommendations